@extends("layouts.backend.webadmin")
@section('page-header')
    <h1>
        <small>falw\menu</small>
    </h1>
@endsection

@section('content')
    <link rel="stylesheet" href="{{env('APP_ROOT')}}/assets/select2/css/select2.min.css">
    <link rel="stylesheet" href="{{env('APP_ROOT')}}/assets/select2/css/select2totree.css">
    <!-- Main content -->
    <section class="content">
        <div class="row">
            <div class="col-xs-12">
                <div class="box">
                    <div class="box-body">
                        @if($errors->any())
                            <ul class="alert alert-danger">
                                @foreach($errors->all() as $error)
                                    <li>{{ $error }}</li>
                                @endforeach
                            </ul>
                        @endif
                        @if($action =='add')
                        <form action="{{ URL::route('admin.flaw.vulsadd') }}" method="POST">
                        @elseif($action =='update')
                        <form action="{{ URL::route('admin.flaw.vulsupdate') }}" method="POST">
                        <input type="hidden" name="id" value="{{$item->id}}">
                        @endif
                        <div class="form-group">
                            <label for="vulstitle">标题</label>
                            <input type="text" class="form-control" id="vulstitle" placeholder="漏洞标题"
                                   name="title"
                                   @if($action =='update' || $action =='detail') value="{{$item->title}}"
                                   @else value="{{old('title')}}" @endif>
                        </div>
                        <div class="form-group">
                            <label>副标题</label>
                            <textarea class="form-control" rows="3" placeholder='副标题是作为漏洞标题的修正，外部接收的漏洞标题可能有夸大事实或者系统不明确等问题，如可能为“海航某系统sql注入漏洞，泄漏几千万数据”这种，需修改为“xxx系统xx功能sql注入漏洞”'
                                      name="description">@if($action =='update' || $action =='detail'){{$item->description}}@elseif($action =='add'){{old('description')}}@endif</textarea>
                        </div>
                        <div class="form-group">
                            <label for="vulsUserId">提交人</label>
                            <select class="form-control" id="vulsUserId" name="user_id" disabled>
                                <option>--提交人--</option>
                                @foreach($users as $user)
                                    <option value="{{ $user->id }}"
                                            @if(($action =='update' || $action =='detail') && $user->id == $item->user_id) selected  @elseif($user->id == \Auth::id()) selected  @endif >{{ $user->real_name }}</option>
                                @endforeach
                                <input type="hidden" name="user_id" id="hiddenUserId" value="">
                            </select>
                        </div>
                        <div class="form-group">
                            <label for="vulsAppId">所属应用</label>
                            <select class="form-control" id="vulsAppId" name="app_id">
                                <option>--所属应用--</option>
                                @foreach($apps as $app)
                                    <option value="{{ $app->id }}"
                                            @if(($action =='update' || $action =='detail') && $app->id  == $item->app_id) selected @endif @if(old('app_id')==$app->id) selected @endif @if($app_id==$app->id) selected @endif >{{ $app->name }}</option>
                                @endforeach
                            </select>
                        </div>
                        <div class="form-group">
                            <label for="vulsCategoryId">所属分类</label>
                            <select class="form-control" id="vulsCategoryId" name="category_id">
                                {{--<option class="l1 non-leaf" value="0">所属分类</option>--}}
                                @foreach($categorys as $cate)
                                    <option class="l{{$cate->num}} {{$cate->child=='yes'?'non-leaf':''}}" data-pup="{{$cate->pid}}" value="{{ $cate->id }}"
                                            @if(($action =='update' || $action =='detail') && $cate->id == $item->category_id) selected @endif @if(old('category_id')==$cate->id) selected @endif
                                        @if($cate->child=='yes')
                                        disabled
                                        @endif
                                        >{{ $cate->name }}</option>
                                @endforeach
                            </select>
                        </div>
                        <div class="form-group">
                            <label for="vulsLevelId">所属级别</label>
                            <select class="form-control" id="vulsLevelId" name="level_id">
                                <option>--所属级别--</option>
                                @foreach($levels as $level)
                                    <option value="{{ $level->id }}"
                                            @if(($action =='update' || $action =='detail') && $level->id == $item->level_id) selected @endif @if(old('level_id')==$level->id) selected @endif >{{ $level->name }}</option>
                                @endforeach
                            </select>
                        </div>
                        {{--start 新增 漏洞URl、URl参数、payload 三个字段 --start --}}
                            <div class="form-group">
                                <label for="fromUrl">漏洞URL</label>
                                <input type="text" class="form-control" id="fromUrl" placeholder="例:http://www.demo.com/demo.php"
                                       name="from_url"
                                       @if($action =='update' || $action =='detail') value="{{$item->from_url}}"
                                       @else value="{{old('from_url')}}" @endif>
                            </div>
                            <div class="form-group">
                                <label for="vulsUrlParms">URL参数</label>
                                <input type="text" class="form-control" id="vulsUrlParms" placeholder="例:id=1"
                                       name="url_parms"
                                       @if($action =='update' || $action =='detail') value="{{$item->url_parms}}"
                                       @else value="{{old('url_parms')}}" @endif>
                            </div>
                            <div class="form-group">
                                <label for="vulsPayload">Payload</label>
                                <input type="text" class="form-control" id="vulsPayload" placeholder="例:http://www.demo.com/demo.php?id=1&1=select (count(*) as c from demo where c>0)"
                                       name="payload"
                                       @if($action =='update' || $action =='detail') value="{{$item->payload}}"
                                       @else value="{{old('payload')}}" @endif>
                            </div>
                        {{--end 新增 漏洞URl、URl参数、payload 三个字段 -end --}}
                        <div class="form-group">
                            <label>内容</label>
                            <!-- 加载编辑器的容器 -->
                            <script id="container" name="content" type="text/plain">@if($action =='update' || $action =='detail'){!!$item->content!!}@elseif($action =='add'){!!old('content','
                                <p style="color: rgb(255, 0, 0);">漏洞URL或功能路径：</p>
                                <p></p>
                                <p style="color: rgb(255, 0, 0);">漏洞利用过程：</p>
                                <p></p>
                                <p style="color: rgb(255, 0, 0);">漏洞影响：</p>
                                <p></p>
                                <p style="color: rgb(255, 0, 0);">修复建议：</p>
                                <p></p>
                            ')!!}@else漏洞内容... @endif</script>
                        </div>
                        {{--                    <div class="form-group">
                                    <label for="vulsReward">安全币</label>
                                    <input type="text" class="form-control" disabled id="vulsReward" placeholder="安全币" name="credit"  @if($action =='update')value="{{$item->max_integ}} @endif">
                                </div>--}}
                        {{--                    <div class="form-group">
                                    <label for="vulsCredit">贡献度</label>
                                    <input type="number" class="form-control" id="vulsCredit" placeholder="贡献度" name="credit"  @if($action =='update')value="{{$item->max_integ}} @endif">
                                </div>--}}
                        <div class="form-group">
                            <label for="vulsStatus">漏洞状态</label>
                            <select class="form-control" id="vulsStatus" name="status" @if($action =='add') disabled @endif>
                                {{--<option>--选择状态--</option>--}}
                                @foreach($vulstatus as $vt)
                                    <option value="{{ $vt['id'] }}"
                                            @if(($action =='update' || $action =='detail') && $vt['id'] == $item->status) selected @elseif ($action =='add' && $vt['id']==0) selseced @endif >{{ $vt['name'] }}</option>
                                @endforeach
                            </select>
                            @if($action =='add') <input type="hidden" name="status"  id="hiddenStatus" value="">@endif
                        </div>
                            {{--<div class="form-group">
                                <label for="checkOption">测试项</label>
                                <select class="form-control" id="checkOption" name="check_id">
                                    <option value="0">--请选择--</option>
                                    @foreach($vulCheckOption as $ck)
                                        <option value="{{ $ck['id'] }}"
                                                @if(($action =='update' || $action =='detail') && $ck['id'] == $item->check_id) selected @endif >{{ $ck['name'] }}</option>
                                    @endforeach
                                </select>
                            </div>--}}
                            <input type="hidden" name="check_id" value="{{$check_id}}">
                        {!! csrf_field() !!}
                        @if($action =='add')
                            <button type="submit" class="btn btn-primary">添加</button>
                            </form>
                        @elseif($action == 'update')
                            <button type="submit" class="btn btn-info">更新</button>
                            </form>
                        @endif
                    </div>
                </div>
            </div>
        </div>
    </section>
@stop
@section('javascript-end')
    <script src="{{env('APP_ROOT')}}/assets/select2/js/select2.min.js"></script>
    <script src="{{env('APP_ROOT')}}/assets/select2/js/select2totree.js"></script>
    @include('UEditor::head');
    <script>
        $(function(){
            $('#vulsCategoryId').select2ToTree({ width: '100%' });
            $('#vulsAppId').select2ToTree({ width: '100%' });
            $('#hiddenStatus').val($("#vulsStatus option:selected").val());
            $('#hiddenUserId').val($("#vulsUserId option:selected").val());
        })
        var toolbars = [[
            'fullscreen', 'source', '|', 'undo', 'redo', '|', 'blockquote', 'forecolor', 'backcolor', 'removeformat', '|',
            'imagenone', 'imageleft',
            'imageright', 'imagecenter', '|', 'link', 'unlink', 'anchor', 'simpleupload', 'insertimage', '|',
        ], [
            'customstyle', 'paragraph', 'fontfamily', 'fontsize', '|','insertcode',
        ]];
        //实例化编辑器
        var ue = UE.getEditor('container', {
            toolbars: toolbars,
            initialFrameHeight: 350,
            serverUrl: "{{env('APP_ROOT')}}"+window.UEDITOR_CONFIG.serverUrl
        });
    </script>
@endsection